Re: [PATCH] vdagent-win: Assure you set a new HKEY_CURRENT_USER changing user.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> 
> Hey,
> 
> On Thu, Apr 23, 2015 at 08:22:51AM -0400, Frediano Ziglio wrote:
> > HKEY_CURRENT_USER is cached as first profile is loaded. Closing the key
> > before setting the token allow the system to set a new HKEY_CURRENT_USER.
> > Some informations are readed from this key (like Desktop folder using
> > shell APIs).
> > 
> > Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx>
> > ---
> >  vdagent/as_user.cpp | 2 ++
> >  1 file changed, 2 insertions(+)
> > 
> > diff --git a/vdagent/as_user.cpp b/vdagent/as_user.cpp
> > index c8016da..96ecc24 100644
> > --- a/vdagent/as_user.cpp
> > +++ b/vdagent/as_user.cpp
> > @@ -46,6 +46,8 @@ bool AsUser::begin()
> >          }
> >      }
> >  
> > +    RegCloseKey(HKEY_CURRENT_USER);
> > +
> 
> Not sure about that one as we don't seem to be opening that key
> ourselves.
> https://msdn.microsoft.com/en-us/library/windows/desktop/aa378612%28v=vs.85%29.aspx
> mentions RevertToSelf(), maybe this is something that needs to be called
> in order to cause HKEY_CURRENT_USER to be reread?
> 
> Christophe
> 

During impersonation one thing that Windows does is to try to create HKEY_CURRENT_USER. This is done automatically for you by Windows when it launch a process.
HKEY_CURRENT_KEY is a predefined key value.
Anyway when you impersonate a user HKEY_CURRENT_USER is pointed to HKEY_USERS\<sid-string-of-user> (think as a symbolic link). If HEKY_CURRENT_USER is already opened (which usually is the case) Windows do not change the registry key and you will still find old values.
Probably you should close the key even before RevertToSelf. Surely IMHO before ImpersonateLoggedOnUser.

Frediano
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]     [Monitors]